Monday, August 23, 2010

The Cost of Compliance

It seems that every industry today is plagued with a growing mound of compliance related red tape. According to Jorge Lopez of Gartner Research, "Over the last few years...budgets that were dedicated to dealing with regulations were rising at a rate that was twice as fast as the IT budgets." This coupled with economic pressures to do more with less people is quite overwhelming to many organizations. For this article we will focus on the automotive industry and the medical device industry, but similar challenges exist in many other industries. Specifically, we will look at the challenges they face and how automation plays a significant role in enabling organizations to overcome these obstacles.

Compliance in the Automotive Industry
You need not know much about the automotive industry to know that the economy has taken a severe toll on most if not all global automotive manufacturers. In addition, there have been several high profile safety recalls in recent years as well that have impacted all manufacturers. Many in the industry suggest that the complexity of the modern automobile has much to do with the inability of most manufacturers to control quality and safety to the highest levels. In fact, the next generation S-Class Mercedes is reported to have in excess of 100 Million lines of software code embedded in the various systems that control almost every aspect of the vehicle. This is astounding considering most cars were just topping a million lines of code just a few years ago.

The result of these challenges and recognized complexity is the introduction of much more stringent functional safety requirements in the new ISO 26262 regulations that move into full force in 2011. These types of compliance standards are not really new as ISO 26262 is derived from the IEC 61508 which is related to FAA DO-178b and other standards, but nonetheless complying with these standards is no trivial matter and will undoubted cost the automotive industry $100s of millions if not into the billions of dollars.

In preparation, most auto OEMs and suppliers are looking to technology partners such as MKS to supply them with solutions that are more cost and time effective in proving compliance. These systems must include the following capabilities, just to name a few:
  • Manage all engineering assets from requirements and design at the front end to final validation and verification test procedures and results with many other assets in between.

  • Manage end to end traceability of these assets such that they can show that each and every requirement has been validated as well as traceability from requirements down into the code.

  • Manage all identified risks and clearly show mitigation of these risks by the appropriate requirements using some system such as FMEA.

  • Manage all relevant metadata such as Calibration Data as part of the solution.

  • Ensure strict change management procedures are adhered to across all lifecycle assets

  • Automate and enforce compliance requirements for model driven development (MDD) providing trace through model support.

  • The solution should be certified by TUV or some similar compliance certification organization to ensure compliance of the solution.

Current tools in place for most automotive companies are just not adequate to handle these requirements as most have complex networks of disparate tools and repositories with brittle integrations that cannot provide the end to end traceability, visibility, and reporting required to show compliance. If they could make current systems work, the solutions would be both cost and time prohibitive.

Compliance in the Medical Device Industry
Although not as conspicuous, the medical device industry is under very similar constraints and challenges with tough FDA and EU regulations. Recalls and regulatory compliance pressure for medical devices, especially for Class 1 and 2 device manufacturers, can be extremely costly and time consuming. One recent company we worked with cited 6 weeks of effort for a team of resources had to be tacked on to the end of the development process exclusively for preparing documentation, reports, and trace information to ensure compliance for an FDA 510K submission.

According to one source, the FDA has doubled and maybe tripled the number of inspectors just during the Obama administration. These medical device companies are feeling the pain of compliance using the manual and disparate systems most currently have in place. The costs for manually managing compliance is well in to the millions of dollars annually for many, but the threat of non-compliance or safety related recalls using these error prone systems is actually much greater. This is forcing many into searching for a more automated and comprehensive solution.

An automated platform that would ensure cost effective compliance with these rigorous requirements would need to employ an analogous set of capabilities including:
  • Rigorous management of requirements, specs, design, risks, test protocols, etc. across hardware and software.

  • Comprehensive traceability across all related engineering assets

  • Automated production of EU and FDA specific reports including the Design History File (DHF)

  • A solution that has undergone a computer systems validation (CSV) ensuring 21 CFR Part 11 compliance.

The MKS Integrity Platform
Many automotive and medical device companies rely on the MKS Integrity platform for helping them ensure compliance. The Integrity platform was architected to manage the diverse set of related engineering assets that span the lifecycle. Integrity has received numerous accolades as having best in class functionality in various disciplines including requirements management, software change and configuration management.

The key lies in the ability for Integrity to provide full configuration and change management for all assets in a highly scalable and flexible single platform. Automated work-flow provides hyper productivity while ensuring compliance with industry and company specific standards. Out of the box solution templates for many industries ensure rapid deployment and near instant time to value.

The Conclusion
Compliance does not have to be nearly as costly as it currently is for most organizations. With the right solution in place organizations can drastically reduce the time and cost of compliance while improving overall product quality and safety. Please contact MKS for more information about our solutions.